-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathScript_PrintNightmare_PShell.ps1
62 lines (46 loc) · 2.19 KB
/
Script_PrintNightmare_PShell.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<#
Autor : Tomparte
Version : 1.0
Comments : this script helps to protect against security breach 'PrintNightmare' by :
1. Creating and update regKey in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers :
- RegisterSpoolerRemoteRpcEndPoint = 2 (DWORD)
(similar to Disabling the “Allow Print Spooler to accept client connections” in group policy management).
2. Creating or updating following registry keys in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint :
- NoWarningNoElevationOnInstall = 0 (DWORD)
- UpdatePromptSettings = 0 (DWORD)
------------------------------------------------------------------------------------------------------------------------------------------------------------------#>
#var
$path = "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers"
$value = "2"
#test if-else
if(Test-Path $path)
{
#change values to 2
New-ItemProperty -Path $path -Name "RegisterSpoolerRemoteRpcEndPoint" -Value $value -PropertyType DWORD -Force
}
else
{
#create folder Point&Print
New-Item -Path $path -Force
#create and set values regKey to 2
New-ItemProperty -Path $path -Name "RegisterSpoolerRemoteRpcEndPoint" -Value $value -PropertyType DWORD -Force
}
#-----------------------------------------------------------------------------------------------------------------------------------------------------------------
#var
$path2 = "HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint"
$value2 = "0"
#test if-else
if(Test-Path $path2)
{
#change values to 0
New-ItemProperty -Path $path2 -Name "NoWarningNoElevationOnInstall" -Value $value2 -PropertyType DWORD -Force
New-ItemProperty -Path $path2 -Name "UpdatePromptSettings" -Value $value2 -PropertyType DWORD -Force
}
else
{
#create folder Point&Print
New-Item -Path $path2 -Force
#create and set values regKeys to 0
New-ItemProperty -Path $path2 -Name "NoWarningNoElevationOnInstall" -Value $value2 -PropertyType DWORD -Force
New-ItemProperty -Path $path2 -Name "UpdatePromptSettings" -Value $value2 -PropertyType DWORD -Force
}